CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-5259

Cross-site scripting (XSS) vulnerability in cattranslate.php in the CatTranslate JQuery plugin in BlackCat CMS 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.0%

CVSS Severity

CVSS v2 Score 4.3

References

http://forum.blackcat-cms.org/viewtopic.php?f=2&t=263
http://packetstormsecurity.com/files/128141/BlackCat-CMS-1.0.3-Cross-Site-Scripting.html
http://www.securityfocus.com/archive/1/533336/100/0/threaded
http://www.securityfocus.com/bid/69551
https://exchange.xforce.ibmcloud.com/vulnerabilities/95717
https://www.htbridge.com/advisory/HTB23228
http://forum.blackcat-cms.org/viewtopic.php?f=2&t=263
http://packetstormsecurity.com/files/128141/BlackCat-CMS-1.0.3-Cross-Site-Scripting.html
http://www.securityfocus.com/archive/1/533336/100/0/threaded
http://www.securityfocus.com/bid/69551
https://exchange.xforce.ibmcloud.com/vulnerabilities/95717
https://www.htbridge.com/advisory/HTB23228

Products affected by CVE-2014-5259

Blackcat-Cms » Blackcat Cms » Version: 1.0

cpe:2.3:a:blackcat-cms:blackcat_cms:1.0
Blackcat-Cms » Blackcat Cms » Version: 1.0.1

cpe:2.3:a:blackcat-cms:blackcat_cms:1.0.1
Blackcat-Cms » Blackcat Cms » Version: 1.0.2

cpe:2.3:a:blackcat-cms:blackcat_cms:1.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-5259

Products

Pricing

Contact Us